Making network security more human-aware, from the office edge of the cloud

Forcepoint is rethinking cybersecurity past focusing on the Man Signal, where people and data intersect. Our Next Generation Firewall (NGFW) brings this approach into network security, providing the industry’s strongest security, smartest manageability, and highest availability for connecting and protecting users and the information they need.

Today nosotros’re releasing a new version of the software – Forcepoint NGFW half-dozen.iii – that powers our firewall, IPS, and other network security solutions. This new version provides more visibility into users’ actions and enforces security policies that are based on those actions. These same policies now tin be used in Microsoft Azure on our virtual NGFW to protect apps and services running in the cloud. And, we’ve integrated fundamental parts of our CASB engineering to aid in discovering cloud application usage and the relative levels of run a risk that each app entails.

Making Firewalls Aware of Users’ Actions within the Endpoint

Forcepoint NGFW 6.3 is now bachelor for customers to download from our support portal and deploy in minutes via our Security Direction Heart. With it, our firewalls tin at present work with endpoint systems to continuously know:

• Who is actually using the endpoint device,
• What is the status of operating system and central security services, and
• Which specific programs are being run on the endpoint to access the network.

Having this information in one place simplifies the admin’s job, but the real power comes from making security policies more than user-enlightened. While most firewalls tin can practice things like “permit the Social Media Grouping to connect to Facebook, but block anybody else,” Forcepoint NGFW is taking it several steps further.

We can reliably know about local users, not just domain logins. We can enforce NAC-style requirements (“AV must be on and up-to-date”) for access. And, nosotros can do whitelisting and blacklisting of specific endpoint applications (“block utilize of IE 7-10 but allow IE xi” or “block all programs except for POSAPP.EXE on these indicate-of-sale systems”) without the demand for dissever products. And of course they can be combined and so that controls can be more than closely tailored to the business processes they are meant to express.

Controlling Access by Endpoint Application and Version

Extending Protection into Microsoft Azure and Hyper-5

Today’s hybrid enterprise consumes and produces applications from the cloud as well as internally. Securing access to all of these applications consistently, without introducing gaps or silos, is crucial to preventing breaches and keeping costs from spiraling out of control.

Forcepoint customers can at present utilize our virtual NGFW to protect applications running in Microsoft Azure in the public deject or on Hyper-V-based individual cloud systems with the same policies, dashboards, and reports as the remainder of their network. Whether you’re controlling in/out access, connecting apps running in Azure to databases running in Amazon Web Services, or protecting a microsegmented software-defined network with the latest in IPS technology, Forcepoint NGFW gives you lot the total security and manageability that our firewalls are known for.

CASB-fashion Cloud Awarding Discovery

Our NGFW is part of the broader Forcepoint Human Point System. With Forcepoint NGFW half dozen.3, we’ve adapted part of the technology from our Cloud Application Security Broker (CASB) to use our firewall’due south existing log data to discover which deject apps are being used by each user – and what level of gamble each app might pose. This can give admins quick insight into their network’s take chances profile and provides a first step toward complementing their NGFW with the added protection offered by our CASB.

Cloud Application Discovery Report

NGFW 6.3 Adds Other Enhancements

The NGFW 6.3 release also extends Forcepoint’s firewall and IPS capabilities in other ways:

• Expanded Sidewinder Proxy Protection for Mission-Disquisitional Apps
  – Forcepoint NGFW now includes the ability to protect HTTP/HTTPS applications as well every bit SSH, FTP/SFTP, TFTP and DNS services.
• L2/L3 Mixed-Mode Deployment
  – With 6.iii, you tin can use 1 Forcepoint NGFW appliance in two means, simultaneously, to save time, money and endeavour. I set of interfaces tin can be inspecting LAN traffic with our industry-leading IPS while others are being protected with firewalling.
• Additional Flexibility for Managing Approvals
  – SMC users can now exist granted permission to approve Pending Changes, simplifying ii-person modify management processes.
• Route-based VPN
  – MSSPs and others will appreciate being able to set up road-based VPNs within domains.
• More than a dozen display and administrative enhancements
  – IT personnel can even more efficiently run across what is happening across their VPNs, log servers, management consoles and even 3^rd
  political party devices through numerous automation and user experience improvements in the SMC.

You can learn more about our NGFW software, what customers are saying most it, and what makes information technology dissimilar hither.